CVE-2021-0146

CVE-2021-0146

Name

CVE-2021-0146

Description

Hardware allows activation of test or debug logic at runtime for some Intel(R) processors which may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

NVD Severity

medium

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
MISC	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00528.html
Third Party Advisory	https://security.netapp.com/advisory/ntap-20211210-0006/

Type

URI

MISC

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00528.html

Third Party Advisory

https://security.netapp.com/advisory/ntap-20211210-0006/

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
intel-ucode	edge-main	20220207-r0	Marian Buschsieweke <marian.buschsieweke@ovgu.de>	fixed
intel-ucode	3.22-main	20220207-r0	None	fixed
intel-ucode	3.21-main	20220207-r0	None	fixed
intel-ucode	3.20-main	20220207-r0	None	fixed
intel-ucode	3.19-main	20220207-r0	None	fixed
intel-ucode	3.18-main	20220207-r0	None	fixed
intel-ucode	3.17-main	20220207-r0	None	fixed

Source package

Branch

Version

Maintainer

Status

intel-ucode

edge-main

20220207-r0

Marian Buschsieweke <marian.buschsieweke@ovgu.de>

fixed

intel-ucode

3.22-main